From 5f09c5081394d6c13b1b5a424255a8e13b27787d Mon Sep 17 00:00:00 2001
From: Jan Tychtl <jan.tychtl@gooddata.com>
Date: Tue, 24 Feb 2026 10:18:47 +0100
Subject: [PATCH] test: symlink PoC for pull_request_target audit

Adds a symlink in docs/content/en/latest/ pointing to .github/workflows/
to test whether rsync -a in the netlify-deploy-preview workflow preserves
symlinks, potentially exposing workflow files on the deployed Netlify preview.
---
 docs/content/en/latest/leaked-workflows | 1 +
 1 file changed, 1 insertion(+)
 create mode 120000 docs/content/en/latest/leaked-workflows

diff --git a/docs/content/en/latest/leaked-workflows b/docs/content/en/latest/leaked-workflows
new file mode 120000
index 000000000..0d8e4d132
--- /dev/null
+++ b/docs/content/en/latest/leaked-workflows
@@ -0,0 +1 @@
+../../../../.github/workflows
\ No newline at end of file